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AMENDMENTS TO CLAIMS 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1. (Currently Amended) A system for protecting keys used to digitally sign files to be 
downloaded to a terminal, comprising: 

a smartcard having stored thereon a private key; and 

a file signing tool arranged to receive a file to be signed, to access the smartcard, and to 
download the sign e d files file to the terminal, 

wherein the smartcard includes an embedded secure processor programmed to perform 
all digital signing operations that require access to the private ke y before supplying results of the 
operations to the file signing tooL the file signing tool then performing further processing as 
necessary to generate a digital signature that is appended to the file for download to the terminal . 

2. (Original) A system as claimed in claim 1, wherein the smartcard also has stored thereon a 
signer certificate containing a public key corresponding to said private key. 

3. (Original) A system as claimed in claim 2, wherein said file signer tool is arranged to retrieve 
said signer certificate from said smartcard and append the signer certificate to the signed file for 
use by the terminal in authenticating a digital signature generated by the smartcard and file 
signing tool. 

4. (Original) A system as claimed in claim 3, wherein the signer certificate includes a field 
designating file types that may be authenticated by the signer certificate. 
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5. (Original) A system as claimed in claim 3, further comprising an owner certificate installed 
on said terminal for use by the terminal in authenticating the signer certificate. 

6. (Original) A system as claimed in claim 1, wherein the smartcard also has stored thereon a 
PIN, and wherein said smartcard is arranged to perform digital signing operations only if a 
corresponding PIN is input through said file signing tool. 

7. (Original) A system as claimed in claim 6, wherein said smartcard has stored thereon an 
authentication level indicating a number of PINs that must be input in order to access the 
smartcard. 

8. (Original) A system as claimed in claim 7, wherein said PINs that must be input are combined 
by a logical exclusive OR operation in order to obtain a combined PIN to be compared with a 
PIN stored on the smartcard before said digital signing operations are performed. 

9. (Original) A system as claimed in claim 7, wherein different ones of said PINs permit access 
to different private keys and public keys certificates having different file type properties, thereby 
enabling different authorization levels to be established. 

10. (Original) A system for protecting keys used to digitally sign files to be downloaded to a 
terminal, comprising: 

a smartcard; and 

means for storing a private key on the smartcard and means for protecting the private key 
by requiring input of multiple PINs before the smartcard can be accessed, 

wherein the smartcard includes an embedded secure processor programmed to perform 
all digital signing operations that require access to the private key. 

11. (Currently Amended) A method of protecting keys used to digitally sign files to be 
downloaded to a terminal, comprising the steps of: 



3 



Serial Number 09/893,465 



providing a smartcard having stored thereon a private key; 

providing a file signing tool arranged to receive a file to be signed, to access the 
smartcard, and to download the file to the terminal; 

utilizing a secure processor embedded in the smartcard to perform all digital signing 
operations that require access to the private ke y before supplying results of the operations to the 
file signing tooh the file signing tool then performing further processing as necessary to generate 
a digital signature that is appended to the file for download to the terminal . 

12. (Original) A method as claimed in claim 11, further comprising the steps of storing the 
private key on the smart card and of requiring input of multiple PINs before granting access to 
functions performed by the smartcard. 

1 3 . (Original) A method as claimed in claim 1 1 , further comprising the step of supplying a file 
to be signed to a file signing tool, using the file signing tool to access the smartcard, and 
downloading signed files to the terminal. 

14. (Original) A method as claimed in claim 11, further comprising the step of storing on the 
smartcard a signer certificate containing a public key corresponding to said private key. 

15. (Original) A method as claimed in claim 14, further comprising the step of using a file signer 
tool to retrieve the signer certificate from said smartcard and append the signer certificate to the 
signed file for use by the terminal in authenticating a digital signature generated by the smartcard 
and file signing tool. 

16. (Original) A method as claimed in claim 15, further comprising the step of designating file 
types that may be authenticated by the signer certificate, and including the file type designation 
in the signer certificate. 
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17. (Original) A method as claimed in claim 15, further comprising the step of authenticating 
the signer certificate by referring to an owner certificate pre-installed in said terminal. 

18. (Original) A method as claimed in claim 11, wherein the smartcard also has stored thereon 
at least one PIN, and further comprising the step of causing the smartcard to perform digital 
signing operations only if a corresponding at least one PIN is input through a file signing tool. 

19. (Original) A method as claimed in claim 18, further comprising the steps of: 

storing an authentication level on the smartcard, said authentication level indicating a 
number of PINs that must be input in order to access the smartcard; 

reading the authentication level and prompting at least one user to input said PINs; 
combining said PINs to obtain a combined PIN; and 

comparing said combined PIN with said at least one PIN stored on the smartcard before 
said digital signing operations are performed. 

20. (Original) A method as claimed in claim 18, further comprising the step of storing on said 
smartcard a plurality of said PINs in order to permit access to different private keys and public 
keys certificates having different file type properties, thereby enabling different authorization 
levels to be established. 
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